Tuesday, May 16, 2023

NEW INC. MAGAZINE COLUMN BY HOWARD TULLMAN

 

Fraud Protection Is So Easy. Why Won't We Do It?

You can take these very simple steps to protect yourself, or be like lots of tech companies and keep doing the same dumb things that lead to losses.

 

BY HOWARD TULLMAN, GENERAL MANAGING PARTNER, G2T3V AND CHICAGO HIGH TECH INVESTORS@TULLMAN

 

I have come to believe, sadly, that it's impossible to convince the vast majority of digital consumers that they should take the few simple steps, and invest the embarrassingly modest amount of dollars needed, to protect the security and confidentiality of their passwords. You can explain things to people repeatedly, but the simple truth is that you can't understand things for them. If only we could learn what's important before it's too late, we'd be far ahead of the game. Prevention rather than cure. It's so much smarter and cheaper to avoid the pothole entirely than to get a great deal on a tow truck or a new tire.

But instead of preemptive actions, we're lazy, we're sloppy, and far too many of us continue to use the same short, stupid, and easily solvable passwords repeatedly across multiple applications on our phones and PCs. This creates continuing and growing risks of losses, which can be many times the amount of the costs of avoidance through basic preventative actions. When you're dying of thirst, it's too late to start digging your well.

There are simple, cost-effective solutions for password and secrets management available from firms, like Keeper Security, that do a first-class job of password protection. But it's far harder than you'd expect to convince people to invest the one-time effort needed to protect their identity and most valuable assets. We're apparently all willing to invest far more in trying to secure something good or advantageous than we are in trying to keep something bad from happening. And, amazingly, it doesn't get much better or easier to get consumers to make such a move even after they've been hacked -- whether they know it or not.

You'd think, if there was any substantial group of easily targeted and prospective adopters for security solutions like these, that major tech companies, consulting and accounting firms, government agencies, and their employees would be high on the list, but, here again, it's a matter of the shoemaker's kids and large-scale IT departments generally do a horrible job of patrolling and securing their own environments and enforcing consistent security measures on their own teams.

But what's struck me lately is an entirely separate set of exposures that relate -- with apologies to Capitol One -- to exactly "what's in your wallet" and what would happen if it was lost or stolen in a theft or carjacking. Even the best password plans won't really help you much in this situation, but a couple of simple steps and about 15 minutes of your time can make a huge difference.

I know that we see hundreds of ads every week online or on the tube about how quickly and easily we can shut down or replace a lost card, but here's a flash: All the contact numbers and URLs that you need to reach and tell the many issuers that your cards have gone astray are on the cards, which are in your wallet which -- in a case like this -- you no longer have in your possession. It's a lot like trying to use "Find My Phone" app when it's your phone that's missing and that's where the app resides.

Worse yet, if you asked yourself and answered honestly, you'd admit that you really have little or no idea of exactly what credit cards, debit cards, access badges, medical alert info, insurance stuff, licenses, and other stuff are stuffed in your wallet or purse at the moment-- and absolutely no idea of who or how or where you'd go to cut off, cancel, or replace these items.  

So, here's what I would suggest to save yourself a great deal of grief and a lot of running around trying to track down and contact all these various parties when the problem arises. And, by the way, while this is certainly a phygital solution from the age of bricks and mortar, you can use the Keeper Security Vault application on your phone to quickly and easily digitally store all the images I’m talking about below securely on your cellphone and have them instantly available to you there in the event of a lost wallet.

1. Inventory your wallet or purse.

Throw away the four-year-old business card from the guy at the Omaha airport you never called. Dump the hardware store receipt for the touch-up paint you bought and never used. Recycle the expired proof of insurance cards for the cars you sold years ago. Do you really need to carry your voter's registration card anymore? You get the idea.

2. Copy the cards and store the information in a couple of places.

Put all the cards that are still current and in use neatly on the glass of your printer, copier, or whatever (or use your camera) and make copies of the front and back. This shouldn't be more than a page or two. Make a few copies of the pages. Put the date you created the pages on each page as a reminder of how current your backup plan is.

3. Take an extra 5 minutes to write the contact phone numbers on the images of the front of the cards.

A lot of the critical info -- sometimes even the card numbers themselves -- isn't on the front of the cards, which is why you need to copy both sides. But to save time and confusion, I also find the number to call and write that number for each card on the face image of the cards on your compilation pages so it's handy when you need it.

4. Do the same thing for your significant other and make sure you each have copies of both lists stored in a safe place.

This may take a little discussion, but again, it's worth doing and it's a good way for both of you to review, rehearse, and understand what the necessary notification steps are in the case of any lost cards.

Pat yourself on the back(s) and hope you never need these lists. But remember that the frequency of these problems is constantly increasing and the costs of not being prepared and equipped to quickly deal with them are also growing. It's so much easier to anticipate these things than to try to fix them after the fact. And, while the past is past, it's never too late to change the future.